Status Tracking Note TRTA06-192A

Microsoft Windows, Office, and IIS Vulnerabilities

Overview

Microsoft has released updates that address critical vulnerabilities in Microsoft Windows, IIS, and Office. Exploitation of these vulnerabilities could allow a remote, unauthenticated attacker to execute arbitrary code or cause a denial of service on a vulnerable system.
Event Information


Date (UTC)Description
2006-07-12 09:40 JPCERT/CC
JPCERT-AT-2006-0010: Microsoft Products Vulnerabilities
2006-07-11 22:57 US-CERT
TA06-192A: Microsoft Windows, Office, and IIS Vulnerabilities
Via US-CERT Mailing List
2006-07-11 19:43 Microsoft
MS06-JUL: Microsoft Security Bulletin Summary for July, 2006
Via Microsoft Mailing List
2006-07-11 Internet Security Systems
Vulnerability in DHCP Client could allow remote code execution
2006-06-15 Zero Day Initiative (ZDI)
ZDI-06-022: Microsoft Office Excel File Rebuilding Code Execution Vulnerability
Microsoft Excel Malformed File Vulnerability(CVE-2006-2388,MS06-037)
Vulnerability Reported
2006-05-30 Sowhat of Nevis Labs
Microsoft Excel Array Index Error Remote Code Execution
Microsoft Excel Malformed OBJECT record Vulnerability(CVE-2006-1306,MS06-037)
Vulnerability Reported
2006-03-30 NSFOCUS
SA2006-06: Microsoft Excel COLINFO Record Buffer Overflow Vulnerability
Microsoft Excel Malformed COLINFO record Vulnerability(CVE-2006-1304,MS06-037)
Vulnerability Reported
2006-03-30 NSFOCUS
SA2006-05: Microsoft Excel SELECTION Record Memory Corruption Vulnerability
Microsoft Excel Malformed SELECTION record Vulnerability(CVE-2006-1302,MS06-037)
Vulnerability Reported
2006-03-01 TippingPoint
TSRT-06-02: Microsoft SRV.SYS Mailslot Ring0 Memory Corruption Vulnerability
Mailslot Heap Overflow Vulnerability(CVE-2006-1314,MS06-035)
Vulnerability Reported
2005-12-26 Cybsec Security Systems
Microsoft Windows DHCP Client Service Remote Buffer Overflow
Buffer Overrun in DHCP Client Service Vulnerability(CVE-2006-2372,MS06-036)
Vulnerability Reported
2005-05-27 NSFOCUS
SA2006-04: Microsoft Office GIF Filter Buffer Overflow Vulnerability
Microsoft Office Remote Code Execution Using a Malformed GIF Vulnerability(CVE-2006-0007,MS06-039)
Vulnerability Reported


Date first published (UTC): 2006-07-13T18:56+00:00
Date last updated (UTC): 2006-07-17T21:30+00:00